Interview with Jason Brown, Australia

Jason Brown serves as the chair of the Australian mirror committee to ISO/TC 292. He invited the committee to hold its 5th meeting at Standards Australia's office in Sydney. He is also the Chair of ISO/TC 262 Risk management which is an important liaision to TC 292.

Isotc292online.org: You are a member of Australia’s mirror committee to TC 292. Can you briefly provide an outline of your NSB and mirror committee, please?  Jason Brown

HoD: As Chair of the Australian National Standards Body (NSB), Standards Australia Committee MB-025, Security and resilience, I have a primary responsibility for leading the development of Security Standards in Australia.  The SA Committee MB-025 is the mirror Committee to ISO/TC 292 Security and resilience.

SA Committee MB-025 takes all possible steps to align the Australian effort with the International work.  Based on the TC 292 scope of work, SA Committee MB-025 has a sub-committee structure that is closely aligned with the operational Working Groups of TC292

Isotc292online.org: Who are the key stakeholders of security and resilience in Australia?

HoD: MB-025 has a large and diverse range of stakeholders including Commonwealth Government Departments, State Government bodies and national industry and professional associations.

Our Federal Attorney General’s Department has been a strong advocate for security and resilience standards initiatives as is the focus on critical infrastructure security by the recently established Department of Home Affairs.  

Other key stakeholders include the Australian Disaster Resilience Institute, Business Continuity Institute, Security Professionals Australasia, the Australian Security Industry Association and the Risk and Insurance Management Society Australasia.

Isotc292online.org: ISO/TC 292 covers a broad spectrum of standards. In what areas are Australia’s main interests in the work of the committee?

HoD: Australia has established its standards development priorities around organizational and community resilience, protective security, supply chain and business continuity management.

Isotc292online.org: How do you work currently in these areas (e.g.: are there any laws, regulations, national standards or other rules for security and resilience?). How can ISO standards help?

HoD: Australia uses standards as a reference in much legislation, particularly using ISO31000 as a base reference for security related standards.  The Australian Government issues guidelines that make reference to the various international standards once adopted.  It is important that given the role of standardization in Australian law and regulation that international standards reflect good international practice and that vocabulary is clear.  Most business and government contracts require risk based business continuity and protective security plans where significant infrastructure is involved. 

Isotc292online.org: So far have you adopted any ISO/TC 292 standards as a national standard in Australia?  

HoD: The revised ISO 22313 and series has been adopted in Australia.  While not currently adopted as Australian Standards the following;  ISO 22300, ISO 28000 and series, 22315, 22398,22324, 22322, 22397 22311, 22316 and 22313 are all provided Online by Standards Australia and used as reference by a numerous organizations

Isotc292online.org: ISO/TC 292 is now working on a number of standards projects with Australian involvement. What are your main interests in each project (please list) and how would you like to see them developed further?  

HoD: Two areas of protective security work are important and attract a lot of interest.  These are the Security Architecture Standard and the New Work Item being developed by Working Group 6 on Security Plans. When these have progressed we would look to more operational security standards.

Getting the work on resilience right within the context of ISO TC292 is a major priority led by Australia and is a fundamental element for planning standards development within the TC.

Isotc292online.org: How does your mirror committee involve itself in standard development at present and how do you see this developing in the future?

HoD: MB-025 reviews all ISO work at each meeting and allocates leadership on tasks to its operating sub-committees.  The further development of the TC292 Strategic plan and supporting documents will assist MB-025 to establish future priorities.

Isotc292online.org: What advice can you give to interested parties in Australia who want to offer their input to the work of your mirror committee and ISO/TC 292 and who should they contact? 

HoD: Our MB-025 committee is always looking for experts that reflect the work programs of TC292. Committee members regularly present at conferences and workshops and seek out potential committee members.  People can contact the MB-025 Secretariat at Standards Australia or directly to me by LinkedIn inquiry or email.

Isotc292online.org: Are there any projects in security or resilience that Australia would like to promote?     

HoD: Current priorities are work on resilience definitions, vocabulary, protective security and supply chain.  Future work we would like would be physical security design, personnel security practice and surveillance.

Interview made by Brian Roylett, Australia